Secure radio communication systems that encrypt information are known in the art. In such systems, a group of communication units can communicate securely when the group is assigned a key and each member of the group is provided with the key. In a secure communication system with many groups, many keys are required. Typically, the keys are managed by a Key Management Controller (KMC). Providing a key to a communication unit is often referred to as rekeying, and the KMC assigns keys to the communication units by Over-The-Air-Rekeying (OTAR), i.e. the communication units are rekeyed over a radio channel. Communication units may also be rekeyed with a Key-Variable-Loader (KVL), however, this method requires the communication unit and the KVL to be connected via an interconnecting cable prior to rekeying. Using OTAR or the KVL allows keys to be changed when desired.
Organizations, such as federal agencies, have operations in various locations through out a country. To manage the keys in a secure communications system used by such agencies, a KMC is provided at each location. Hence, a communication unit traveling from a location with a local KMC to a destination with a destination KMC, requires a key from the destination KMC in order to communicate securely at the destination. Rekeying the communication unit in this situation requires a substantial amount of cooperation between the operators of the local KMC and the destination KMC. For example, the local KMC must provide the communication unit with a unique shadow key, the communication unit must be entered into a database in the destination KMC, and the destination KMC must load the communication unit with the key upon arrival. As can be seen, this method is quite involved and requires a substantial amount of human input and interfacing. While this method works well for one or two units, when multiple groups of communication units need rekeying at multiple locations, the present method becomes complex and time consuming and is subject to human error.
Therefore a need exists for a method of rekeying multiple groups of secure communication units that can be done quickly, easily and without potential for human error while maintaining secure communications.